If any of you want to play with IPv6 before your ISP supports it, you can.

I've been running an AYIYA tunnel from http://sixxs.net for about 18 months, and have a subnet assigned to my house. That, plus some basic radvd config means we've effectively got a dual-stack connection here now. Instructions at https://wiki.ubuntu.com/IPv6#Get connected with SixXS . Once it's set up, it just works, and all your machines will autoconf their own IPv6 address from your allocated subnet.

Those addresses are all publicly routable, however, so you do need to be very careful about firewalling your network (or individual machines). But, when things do start appearing that are only reachable by IPv6, you're sorted, regardless of whether your ISP is ready.

Also, one plus point with SixXS I've noticed: the tunnel here has enough bandwidth to max out our Virgin Media 50mbps connection (I was initially worried that IPv6 traffic would be severely limited, but nope!). So there's no real performance penalty for IPv6 traffic, even though it's tunnelled.

Also, I noticed that there's fewer hops (8 vs 12) and I get lower ping times (around 16ms difference) between my home connection and my BitFolk VPSs over IPv6. I'm not entirely sure why that is though...
Aaron B. Russell
email: aaron@unadopted.co.uk
blog: http://lostentropy.com
tel: +44 20 3137 4147

On Jan 30, 2011, at 8:17am, Paul Stimpson wrote:


On 29/01/11 20:41, Daniel Case wrote:

While I know that IPocalypse as the news hype is calling it, is a little bit overkill. It makes me wonder what will happen to ISP's such as Bitfolk when the IPv4's do run out?

I know a lot of home users are not up to the IPv6 standard yet (Sky Broadband are terrible) so will giving users a V6 address only mean that people still on v4 can't get to them?

I'm currently with Virgin Media (please BT will you bring fibre-to-the-cabinet or fibre-to-the-premises to our area? ADSL stinks here and we have no choice but VM). Their official position is that they've bought up a shed load of IPv4 addresses in advance and they're not in danger of running out any time soon but yes, it will happen at some point. Unfortunately they don't offer static IPs to home users so when the DHCP pool is all full it will start to hurt. Last time I saw the question asked they said they don't support IPv6, told the guy not to use it and said they had no idea when support is coming.

I think the first thing I will notice with exhaustion is when ISPs that haven't planned ahead so well run out and there start to be servers or home users (when I'm running games or VOIP) that I can't connect to because they only have IPv6.

I'm also expecting to see a massive surge in botnets and spam as people who don't understand IPv6 are put onto it and don't realise that the firewall in their PCWorld home router doesn't protect IPv6 machines. I recently found an interesting instructional video on Miro that showed how to use Teredo to hang on to a compromised Windows box. The idea was to compromise someone's laptop at a coffee shop or home then even though its IPv4 address changes as it gets moved around it will always get the same IPv6 address and the bot herder can keep hold of it as he can always find it and many firewalls will just pass IPv6 traffic unmolested. They demonstrated a feature with Teredo/Metasploit that even lets you specify that you don't want it to connect if it's behind a corporate gateway so the bot herder can use your laptop when you're at home or out but it won't connect when you take it to work where the corporate firewall/IDS may be better specified and may detect the infection. This would also enable someone malicious to plant software on a laptop that captured confidential information from within a company when the machine was on the user's desk then waited until the machine was taken home in the evening to upload the stolen data to the thief.

I consider myself a fairly advanced computer user but I recognise that I'm not well prepared for IPv6. You know how it goes, there aren't enough hours in the day and nothing is forcing me to use IPv6 yet so I just haven't found the time to research it properly. If that's the state I'm in then I think the average home use is probably in a much worse one. I expect this to be very well exploited by scuzzbuckets everywhere.

What do you think?


users mailing list